UCSF Medical Center Admits Security Breach

The University of California San Francisco (UCSF) Medical Center recently began notifying 3,451 of its patients that their personal and health information may have been exposed when an unencrypted laptop was stolen from a UCSF Liver Transplant employee's locked vehicle on September 9, 2013 (h/t PHIprivacy.net).

The laptop contained the patients' names, medical record numbers and some health information, along with Social Security numbers for some patients.

While there's no indication at this point that the information on the laptop has been accessed or misused, notification letters have been sent to all those affected, and patients whose Social Security numbers may have been accessed are being offered one free year of credit monitoring services from ID Experts.

"The University of California is committed to maintaining the privacy of personal information and takes many precautions to secure that information," UCSF Medical Center executive director Reece Fawley wrote in the notification letter [PDF]. "In response, we have reviewed the incident and are working to strengthen our educational and operational processes for safeguarding our patients' health information. We trust that these measures will help to prevent a similar occurrence in the future."